Comments on: How to decode ugly eval(gzinflate(base64_decode http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/ About all sorth of things: PHP, Hacks, Scripts, Servers, Linux, Technology, News, Trends Mon, 01 Dec 2008 21:47:37 +0000 http://wordpress.org/?v=2.6.5 By: IDLdesigns.com http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-2889 IDLdesigns.com Tue, 25 Nov 2008 10:07:40 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-2889 Hope you can help, me ICE_MAG TEMPLATE i succefuly decrypted the footer.php file to html changed the 5 garbage links to mine, replaced the footer.php with decrypted code, but it looks like crap everything is out of place I think i have to encode it back to gzinflate and then upload that, I dont Know, This is a link to download this Wordpress Template (Really Cool) http://www.wpskins.org/download.php?theme=6370&url=/downloads/6370.zip Hope you can help, me

ICE_MAG TEMPLATE

i succefuly decrypted the footer.php file to html changed the 5 garbage links to mine, replaced the footer.php with decrypted code, but it looks like crap
everything is out of place
I think i have to encode it
back to gzinflate and then upload that,

I dont Know,

This is a link to download
this Wordpress Template
(Really Cool)

http://www.wpskins.org/download.php?theme=6370&url=/downloads/6370.zip

]]> By: VJ http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-1355 VJ Sun, 05 Oct 2008 02:33:03 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-1355 Hey Tom, Try this code: $out="PLACE STRING HERE WITHOUT THE EVAL() PART"; $i=0; while(strpos($out,"gzinflate(base64_decode(")>0){ $i++; print("Loop $i "); $out=str_replace(array("eval(gzinflate(base64_decode('","')));"),array("",""),$out); $out=base64_decode($out); $out=gzinflate($out); } print($out); Cheers, VJ Hey Tom,
Try this code:
$out=”PLACE STRING HERE WITHOUT THE EVAL() PART”;
$i=0;
while(strpos($out,”gzinflate(base64_decode(”)>0){
$i++;
print(”Loop $i “);
$out=str_replace(array(”eval(gzinflate(base64_decode(’”,”‘)));”),array(”",”"),$out);
$out=base64_decode($out);
$out=gzinflate($out);
}

print($out);

Cheers, VJ

]]> By: Tom http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-1163 Tom Wed, 10 Sep 2008 21:28:24 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-1163 hello i been trying to decode this for a while and can't seem to be able to decode it i looked every where for a decoder for this if any one can help me that would be great eval(gzinflate(base64_decode('YRZ4FR5O2hLZU+WGZpxFgJeBJqXAE+CAKSxxgEaqs7wWKhyMb3CdVNot4wWL8L7XepyKSdV6/OBU/KUX aWE5t31bsWSK+cDuEtrKPMuaMiuB8DiwIXRY1y9m7zqfDjhfMjp5dDGMEqAz116ucaNBwNWZ3h4TZD55 zfrgu7mlXX3F1voHXlWjLqZRGTEtpp3qcVT4cUhhFnZijVGF9wZgDOsZQI9J7b2oGS4q08W+fBsgu2GO 0dV5tpGklwiS+qxxp9EMHh9ME6N++7IFRrtpd3TqGPi8toZaSVD3kEplDnGHnAjFaKP4qkDWiuMronc0 LMS0UYVZ0GQMX4SXPytcal5LQ6TNPqzs+CDIZVcEPSodxqhk4YmPN7ounAKS4kVQ76HEIuvsc66gZq6W AE4NTbEOQf0mKuwE1q6nNJ7hfnL5QSohYFMSDn7qrmENStI2Pyu3pxpGn8hCFCnxOVAc4WM50n2LOGZg mhNeBuBRdO4NNWofZ30ihNIbeDg5PDeQh75ULTgLWeJczAzc9819R0moksR+tsdOmV0vkyLeP4tn4nUw nSgT948Z370OHC0FAabdZVfOFER9oGjqy20thq7DJYH2Ah8yNkfAGu9ubQx6KJCgmFoao4uNd00pbxWb wxHxyyEZdTPJcHgpmpNJg/9FbdnidrlvmE5/5Oyc567cg+w89O7PBCWJGZWR47bSW0dCPU7aaxa55pgt OWkgDF4lYGj6Wj7JlW2oLhgidKt1icu4XHHkgjfah30q4pgxBeUSLsfYVNbwWtyXPiqPSGrqxUPnFuuV Eoaqgd2RV5jB+rDPkJP1DvBjwTK2KcE3lnYcMeKkNNYYEw6yMDbyxRC+WWZ2R6WapRVobMwKhVe/Dv7h V46OnyNFJCx67FXeCnCtX+3h2XRFUjRMlX3KAM13rXji52cx0GRGm+/wTWN6yVdVu+N7QFvB+H3vLgU2 Vys4h7KZnLqk8Uab5D413I/odWu4EczoyxU1yj4OV+0N9VP/rjULKVonnFP16bYdqO5e/xtKx6WJzwQj FnO4mE+u5ZZ8j6kARP1vaI9ozgt3fRT2E5xd3lC3XAY8pYo3GakiPb2D34bY5ZR5pzOogyDX4q7p4Pl+ yj/JpnR4as+ugQxD+jpkKBtNm98G2oqIaUuXZ7VR9fzmssSMki+aWngjCvy5TZDbSF/FAc3uA04d5xdj T9YoDnUzQkhWQ/YMaeuYJRXyoEQU8IwRCqBo2aG6awv87aIAJgNUXPjWNjKRdeGBabg2wVWfwIMgaJcy 3mP2Z3JyJTATNKJ1GNkJGGrWNzAgdcl3Df5JPXwN1SorXWJiFpFijvGJstxuLaoGi+kiYMbvy+qghuxQ p0U/cccCalNNx64kEyLtKAzlbF2exxlinuxC9XpPMaepXMXwAKu0DaZHn/yeVnq1G0MCUUAxJiTBDkFD v+JL4njH2ZVgSmlsy6RQHAGcEpqG2vOC6gjkJYGfneC4VKP3B7gC11oLSa0TjRl2NIp7w/OIyu47dSJ5 HI3ByaEv8WnnxcFPx7Otd7IBVptq619+XHNYH9i9jPvms+TRBssSFLool6hY45uRdZhuWuHAuCeMLNyR lEuq2KTvGMwUu9saWvjAT9vDXMzPn8N/AjsbcKzF4/PX9hU42njQSkh7Gm+6d5WNyA7gphhxhFS08tUO lq2As713F79SlMuFqOkgNAx73TtFEOsTyj8V586pv1S9u2N++TPFKObMmg6sqjfw72K5bQtatLP6r8GW nl+AZ59XNLN2/z0zxulmxNQhJnb4U99wtqp+AbzMjX9ieP1M8OJudXgMekJyA+UpIG6JtxYjrMInEROp Eg+DeoE9UOWlanEInUJNEPAC8rfyx7dS8JWa4cmdj6XMXNUGDrDL4y15GtdTlhF/vNeDGuSHIVW0MI4u hgJJlvOMln8nNW+NI0pPQB0XamK82z6vD+vjCAVsoNaTKou4HWLjOP4dgDRDAUmUgCWSp8UIxYtCgEfd LN7AXL/E3IN7OcZ/CM6tL5OuzH3rs3RY7hlqDgyyxBmNw5U4JvZQ3sd6WJZcJHNFuWlOYi7okXPpeyAB AVzF0ivfemi99LsGTxXk21UEuNEzY6Ux/Qj7WRJCR9JiCLkS+0LKY2npT9+COcexiT3G0PkrDSrGizw6 te3KlAgRmuuFJOvn57dRax7/Cmp1s2CZMpJBmtL6ZoiaWitwGcDE2hfD5enjo3iICxIsd8XvnaIdMJv9 ufhfssD5pWA08kG7Np84tO48O74KwA+82CIVZSjLE7PS6BO20xbGtTsijFQqb7OW6BukQz0eaqSWYONs DoV9U7yW8/nYGojf+yAw3hD0FO0qHnfgLOv0SKf8akV5VhmNjc3K2QD1Or+ZEFdHMi5TFM0pyXqJ5naJ hNcyyJRwSZojjojePZlfb9Rt9UtyCrTh4reeoIlztgvGuXUqOXzIPf9o+FTJ7Vw+8hPwED79rI0JwWTr 1NwcEuKpOvqbNNDNGwH5ne5cEmBv4CMEIKFNwDn2gGC1fO4ev9hZpti9+LRQ3lZaw+2aMIMisteKnYdA 6kNAzMFyz6c5rP0HQK4jb7m2Nhsh4zMppPaxuCgyOuT0r2BWkXyHZxA1X1Bkabjnw/GgO7DIhesuSQs9 XtrE5+ABOIBxqPDNboA+a7wm2XRzTLpjBTh58qOkOhMdeSK9Pq8Yqc5kWSiJLwilKtbeoChpy9X/dqMO 1m7Inleba0CAMTfW3E+NzdwOqp3zCuWUk2PRkR5J4a644GVf8glcIv0Gvl6O4BVSVoJe9sLsJaI4JedD czmb3zIVAnrjfJ12PsVyu0H482L6WGsE/83vxsUXcH71A1zXeb6S0w3BCiuBwsn7r9fg33zozymn9Oj9 +2lP2G+AaDxO484T73jLKpSa4Nihty+4+DDbi7FTcVqyWstnn9ZrB1LRjFsg/alImKkEREb+bNGJC6Xw +Ds15SugNQBKNtkglIi5bH+t+bKFebC1nijch1+2ohgKghfqcV3oo+SrVrZG2IqM4d7VH8T9+/BTHCcx 86OMgaG1ee5lKUbJBqatCfLr6tXVrl770zGcbE9Su/UUdeprjOHDizHV10rJXzwDcZP0ZkleSkEA435A I/lqh9kdqikIrXxiiOjNFgzCxDAKWU9NqVffLuUNQ8P869bfR7pHcIK1DzeZuxOJxMtItLtwhxRLwX8J uy1Kqra1Bxdm7aaJof3mvtSyHBLQXe2QZkvSpsHNtkGxZfEFmB7C40ni43Hebj8mqc/fxb/w5OJ+KvOs 9eNkNS+YDQ1z0ATDICOJDWTLZoVKbbUIjqCASPqgJBiiJAkATJ//7z9+/ff//zfw=='))); hello i been trying to decode this for a while and can’t seem to be able to decode it i looked every where for a decoder for this if any one can help me that would be great

eval(gzinflate(base64_decode(’YRZ4FR5O2hLZU+WGZpxFgJeBJqXAE+CAKSxxgEaqs7wWKhyMb3CdVNot4wWL8L7XepyKSdV6/OBU/KUX
aWE5t31bsWSK+cDuEtrKPMuaMiuB8DiwIXRY1y9m7zqfDjhfMjp5dDGMEqAz116ucaNBwNWZ3h4TZD55
zfrgu7mlXX3F1voHXlWjLqZRGTEtpp3qcVT4cUhhFnZijVGF9wZgDOsZQI9J7b2oGS4q08W+fBsgu2GO
0dV5tpGklwiS+qxxp9EMHh9ME6N++7IFRrtpd3TqGPi8toZaSVD3kEplDnGHnAjFaKP4qkDWiuMronc0
LMS0UYVZ0GQMX4SXPytcal5LQ6TNPqzs+CDIZVcEPSodxqhk4YmPN7ounAKS4kVQ76HEIuvsc66gZq6W
AE4NTbEOQf0mKuwE1q6nNJ7hfnL5QSohYFMSDn7qrmENStI2Pyu3pxpGn8hCFCnxOVAc4WM50n2LOGZg
mhNeBuBRdO4NNWofZ30ihNIbeDg5PDeQh75ULTgLWeJczAzc9819R0moksR+tsdOmV0vkyLeP4tn4nUw
nSgT948Z370OHC0FAabdZVfOFER9oGjqy20thq7DJYH2Ah8yNkfAGu9ubQx6KJCgmFoao4uNd00pbxWb
wxHxyyEZdTPJcHgpmpNJg/9FbdnidrlvmE5/5Oyc567cg+w89O7PBCWJGZWR47bSW0dCPU7aaxa55pgt
OWkgDF4lYGj6Wj7JlW2oLhgidKt1icu4XHHkgjfah30q4pgxBeUSLsfYVNbwWtyXPiqPSGrqxUPnFuuV
Eoaqgd2RV5jB+rDPkJP1DvBjwTK2KcE3lnYcMeKkNNYYEw6yMDbyxRC+WWZ2R6WapRVobMwKhVe/Dv7h
V46OnyNFJCx67FXeCnCtX+3h2XRFUjRMlX3KAM13rXji52cx0GRGm+/wTWN6yVdVu+N7QFvB+H3vLgU2
Vys4h7KZnLqk8Uab5D413I/odWu4EczoyxU1yj4OV+0N9VP/rjULKVonnFP16bYdqO5e/xtKx6WJzwQj
FnO4mE+u5ZZ8j6kARP1vaI9ozgt3fRT2E5xd3lC3XAY8pYo3GakiPb2D34bY5ZR5pzOogyDX4q7p4Pl+
yj/JpnR4as+ugQxD+jpkKBtNm98G2oqIaUuXZ7VR9fzmssSMki+aWngjCvy5TZDbSF/FAc3uA04d5xdj
T9YoDnUzQkhWQ/YMaeuYJRXyoEQU8IwRCqBo2aG6awv87aIAJgNUXPjWNjKRdeGBabg2wVWfwIMgaJcy
3mP2Z3JyJTATNKJ1GNkJGGrWNzAgdcl3Df5JPXwN1SorXWJiFpFijvGJstxuLaoGi+kiYMbvy+qghuxQ
p0U/cccCalNNx64kEyLtKAzlbF2exxlinuxC9XpPMaepXMXwAKu0DaZHn/yeVnq1G0MCUUAxJiTBDkFD
v+JL4njH2ZVgSmlsy6RQHAGcEpqG2vOC6gjkJYGfneC4VKP3B7gC11oLSa0TjRl2NIp7w/OIyu47dSJ5
HI3ByaEv8WnnxcFPx7Otd7IBVptq619+XHNYH9i9jPvms+TRBssSFLool6hY45uRdZhuWuHAuCeMLNyR
lEuq2KTvGMwUu9saWvjAT9vDXMzPn8N/AjsbcKzF4/PX9hU42njQSkh7Gm+6d5WNyA7gphhxhFS08tUO
lq2As713F79SlMuFqOkgNAx73TtFEOsTyj8V586pv1S9u2N++TPFKObMmg6sqjfw72K5bQtatLP6r8GW
nl+AZ59XNLN2/z0zxulmxNQhJnb4U99wtqp+AbzMjX9ieP1M8OJudXgMekJyA+UpIG6JtxYjrMInEROp
Eg+DeoE9UOWlanEInUJNEPAC8rfyx7dS8JWa4cmdj6XMXNUGDrDL4y15GtdTlhF/vNeDGuSHIVW0MI4u
hgJJlvOMln8nNW+NI0pPQB0XamK82z6vD+vjCAVsoNaTKou4HWLjOP4dgDRDAUmUgCWSp8UIxYtCgEfd
LN7AXL/E3IN7OcZ/CM6tL5OuzH3rs3RY7hlqDgyyxBmNw5U4JvZQ3sd6WJZcJHNFuWlOYi7okXPpeyAB
AVzF0ivfemi99LsGTxXk21UEuNEzY6Ux/Qj7WRJCR9JiCLkS+0LKY2npT9+COcexiT3G0PkrDSrGizw6
te3KlAgRmuuFJOvn57dRax7/Cmp1s2CZMpJBmtL6ZoiaWitwGcDE2hfD5enjo3iICxIsd8XvnaIdMJv9
ufhfssD5pWA08kG7Np84tO48O74KwA+82CIVZSjLE7PS6BO20xbGtTsijFQqb7OW6BukQz0eaqSWYONs
DoV9U7yW8/nYGojf+yAw3hD0FO0qHnfgLOv0SKf8akV5VhmNjc3K2QD1Or+ZEFdHMi5TFM0pyXqJ5naJ
hNcyyJRwSZojjojePZlfb9Rt9UtyCrTh4reeoIlztgvGuXUqOXzIPf9o+FTJ7Vw+8hPwED79rI0JwWTr
1NwcEuKpOvqbNNDNGwH5ne5cEmBv4CMEIKFNwDn2gGC1fO4ev9hZpti9+LRQ3lZaw+2aMIMisteKnYdA
6kNAzMFyz6c5rP0HQK4jb7m2Nhsh4zMppPaxuCgyOuT0r2BWkXyHZxA1X1Bkabjnw/GgO7DIhesuSQs9
XtrE5+ABOIBxqPDNboA+a7wm2XRzTLpjBTh58qOkOhMdeSK9Pq8Yqc5kWSiJLwilKtbeoChpy9X/dqMO
1m7Inleba0CAMTfW3E+NzdwOqp3zCuWUk2PRkR5J4a644GVf8glcIv0Gvl6O4BVSVoJe9sLsJaI4JedD
czmb3zIVAnrjfJ12PsVyu0H482L6WGsE/83vxsUXcH71A1zXeb6S0w3BCiuBwsn7r9fg33zozymn9Oj9
+2lP2G+AaDxO484T73jLKpSa4Nihty+4+DDbi7FTcVqyWstnn9ZrB1LRjFsg/alImKkEREb+bNGJC6Xw
+Ds15SugNQBKNtkglIi5bH+t+bKFebC1nijch1+2ohgKghfqcV3oo+SrVrZG2IqM4d7VH8T9+/BTHCcx
86OMgaG1ee5lKUbJBqatCfLr6tXVrl770zGcbE9Su/UUdeprjOHDizHV10rJXzwDcZP0ZkleSkEA435A
I/lqh9kdqikIrXxiiOjNFgzCxDAKWU9NqVffLuUNQ8P869bfR7pHcIK1DzeZuxOJxMtItLtwhxRLwX8J
uy1Kqra1Bxdm7aaJof3mvtSyHBLQXe2QZkvSpsHNtkGxZfEFmB7C40ni43Hebj8mqc/fxb/w5OJ+KvOs
9eNkNS+YDQ1z0ATDICOJDWTLZoVKbbUIjqCASPqgJBiiJAkATJ//7z9+/ff//zfw==’)));

]]> By: Melanie http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-1153 Melanie Mon, 08 Sep 2008 18:01:55 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-1153 I've tried everything and I can't decode the footer and when I take it out it breaks the theme (makes the background black and I can't figure out how to fix it) Please help if you can! The theme is nt-greeny. you can see the broken version at http://www.solar-powered-home.com/ I’ve tried everything and I can’t decode the footer and when I take it out it breaks the theme (makes the background black and I can’t figure out how to fix it) Please help if you can! The theme is nt-greeny. you can see the broken version at http://www.solar-powered-home.com/

]]> By: Bruce Kasinsky http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-545 Bruce Kasinsky Thu, 24 Jul 2008 05:56:58 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-545 Boaaaaa!!! Greetings from brasil !!! Boaaaaa!!!
Greetings from brasil !!!

]]> By: insanity http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-431 insanity Sun, 06 Jul 2008 21:43:23 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-431 Unfortunately that doesn't always work. What is the code was like 34 in word pages like I had? Unfortunately that doesn’t always work.
What is the code was like 34 in word pages like I had?

]]> By: Karan Anand http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-417 Karan Anand Sat, 05 Jul 2008 06:33:22 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-417 Hey guys, i figured out anither easy way to decode footers. just replace the eval word with echo. now instead of giving the decoded code it will print it out. Now check your page source it will be there. If you have a footer which does not have a eval function and have some thing starting like $o="QAAA...... " or $__F=__FILE__;$__C # then just run the php file as it is on server and them check page source! but there are custom encryption where i can not help More information: http://www.karananand.co.cc/blog/2008/07/the-easiest-way-to-decode-decrypt-eval-gzinflate-str_rot13-base64_decode-or-__f__file____c/ Hey guys, i figured out anither easy way to decode footers. just replace the eval word with echo. now instead of giving the decoded code it will print it out. Now check your page source it will be there.

If you have a footer which does not have a eval function and have some thing starting like $o=”QAAA…… ” or $__F=__FILE__;$__C # then just run the php file as it is on server and them check page source!

but there are custom encryption where i can not help

More information:

http://www.karananand.co.cc/blog/2008/07/the-easiest-way-to-decode-decrypt-eval-gzinflate-str_rot13-base64_decode-or-__f__file____c/

]]> By: Thiago Alexandre http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-369 Thiago Alexandre Sat, 28 Jun 2008 21:03:43 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-369 Muito bom!!! Parabéns pelo post. Abraço! Muito bom!!!
Parabéns pelo post.

Abraço!

]]> By: ProXy http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-357 ProXy Sat, 28 Jun 2008 10:06:06 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-357 Kerahna i think you need to increase the memory on your php.ini settings Kerahna i think you need to increase the memory on your php.ini settings

]]> By: Kerahna http://www.proxyutza.com/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-356 Kerahna Fri, 27 Jun 2008 19:39:53 +0000 http://www.proxyutza.com/2008/02/21/how-to-decode-ugly-evalgzinflatebase64_decode/#comment-356 Thanks a lot for this! It would be very helpful once it works but I'm having a little problem.. i think my encrypted code is too BIG (the file is 151k) ... i'm getting this error DECODE nested eval(gzinflate()) from Taree Internet 1. Reading coded.txt 2. Decoding Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 53593088 bytes) in /home/vsmines/public_html/decrypt.php(9) : eval()'d code on line 1 is there anything I can do about it? thanks for your help! Thanks a lot for this! It would be very helpful once it works but I’m having a little problem.. i think my encrypted code is too BIG (the file is 151k) … i’m getting this error

DECODE nested eval(gzinflate()) from Taree Internet 1. Reading coded.txt 2. Decoding
Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 53593088 bytes) in /home/vsmines/public_html/decrypt.php(9) : eval()’d code on line 1

is there anything I can do about it? thanks for your help!

]]>